Dell : Security Vulnerabilities (CVSS score between 8 and 8.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-36312 |
259 |
|
+Priv |
2021-11-23 |
2021-11-24 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system. |
2 |
CVE-2021-36307 |
269 |
|
+Priv |
2021-11-20 |
2021-11-23 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system. |
3 |
CVE-2019-3712 |
119 |
|
Exec Code Overflow |
2019-03-07 |
2019-10-09 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ThinLinux HAgent versions prior to 5.4.55 00.10 contain a buffer overflow vulnerability. An unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on the system with privileges of the FTP client by sending specially crafted input data to the affected system. The FTP code that contained the vulnerability has been removed. |
4 |
CVE-2018-1238 |
78 |
|
|
2018-03-27 |
2020-08-24 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). This component is used for central management of ScaleIO deployment and uses shell commands for certain actions. A remote malicious user, with network access to LIA and knowledge of the LIA administrative password, could potentially exploit this vulnerability to run arbitrary commands as root on the systems where LIAs are installed. |
Total number of vulnerabilities :
4
Page :
1
(This Page)